Red Hat Bugzilla – Bug 1316248
[RFE] Log user and access key with each bucket and object operation for audit purposes
Last modified: 2017-09-21 19:14:17 EDT
As an admin, I need to store logs for every operation performed by my users through RGW for audit purposes.
As an admin, I need to see what operations a particular user performed on a bucket and/or object.
As an admin, I need to see what access key a user used when performing an operation.
As an admin, I need to have the log structure which allows me to write scripts which can easily extra the audit information I need.
If someone uses HAproxy in front of RGW, you can configure it to do this. In the frontend section add (where 12345 is the length of a key/token):
capture request header AWSAccessKeyId len 12345
For Swift, I think it should be:
capture request header X-Auth-Token len 12345
capture request header X-Storage-Toke len 12345
*** Bug 1230413 has been marked as a duplicate of this bug. ***